Addiction Center Patients Exposed in Privacy Snafu

Infosecurity Magazine | April 23, 2019

Addiction Center Patients Exposed in Privacy Snafu
A large trove of personally identifiable information (PII) has been leaked by an addiction treatment center after researchers found another unsecured Elasticsearch database online. Justin Paine, who is also a director of trust and safety at Cloudflare, blogged about his findings late last week, claiming to have found the offending database via a simple Shodan search. As the data trove required no authentication to access, he was able to scroll through the 1.45GB of information. Although there were nearly five million documents contained in the database, they related in the end to around 146,000 unique patients. Paine traced them back to Pennsylvania-based addiction treatment center Steps to Recovery. “A leak of PII related to 146,316 unique patients would be bad on any day. It's particularly bad when it is something as sensitive as a addiction rehab center. Given the stigma that surrounds addiction this is almost certainly not information the patients want easily accessible,” he argued. What could a malicious user do with this data? Based on the patient name it was simple to locate all medical procedures a specific person received, when they received those procedures, how much they were billed, and at which specific facility they received treatment.

Spotlight

Here's how Bitdefender Enterprise cyber security solutions help Managed Services Providers protect thousands of customers all around the globe.

Related News

DATA SECURITY

Cerberus Sentinel Launches Secured Managed Services Providing Senior Support to Mitigate Cyber Risks

Cerberus Sentinel | October 26, 2021

Cerberus Cyber Sentinel Corporation a cybersecurity consulting and managed security services firm, today introduced its Cerberus Sentinel Secured Managed Services to help organizations step up their cybersecurity protections with security-focused, end-to-end network and device management solutions provided by a team of senior staff. Cerberus Sentinel's full-scale secured managed services are an integral part of MCCP+, their holistic approach to cybersecurity, compliance and culture. This ensures that all strategic solutions are tailored specifically for each client. Cerberus Sentinel has long recognized that a company must incorporate a culture of cybersecurity through its solutions, processes, and staff training to address the rapid growth of threats to its very existence, data, and intellectual property. "The cost of just one data breach was $3.86 million in 2020,The cybersecurity market is expected to grow to $10.5 trillion by 2025, and the lack of those trained with cyber skills remains a challenge for most businesses. We know organizations are struggling to stay ahead of attacks, as well as to protect their customers and employees. With our senior team's decades of experience, we can provide peace of mind by partnering side-by-side to help them reduce system downtime and realize a quantifiable increase in employee productivity." Brian Yelm, managing director, Cerberus Sentinel Cerberus Sentinel Secured Managed Services highlights include: Managed Support: Unlimited concierge support for all workstations, servers, firewalls, switches, routers, wireless access points, printers, and copiers. A real-time inventory is kept of all hardware and software. Strategic guidance is provided to organizations without a CIO, CTO or director of IT. Security Bundle: Antivirus/MDR, scripting tools, and patch management are included as well as software for workstations and servers to provide secure remote access. Project Engagement: Covers custom projects or for remediation after a penetration test or security assessment uncovers system vulnerabilities. Microsoft 365 Partner: All licenses and email migration are available. Backup and Disaster Recovery: Customized on-premises, hybrid, and cloud-based back-up solutions. Spam, Web and DNS Filtering: Partnership with Cisco Umbrella (DNS) and provider of multiple spam filter solutions tailored for specific email environments. Cloud Storage: Custom Tech Connect Drive, plus partnership with Dropbox and Microsoft for One Drive support. About Cerberus Sentinel Cerberus Sentinel is an industry leader in Managed Cybersecurity and Compliance (MCCP) services with its exclusive MCCP+ managed compliance and cybersecurity services plus culture program. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

U.S. internet security concerns falls dramatically since 2019- New Unisys Security Index

PR Newswire | June 23, 2020

Less than one in three (31%) Americans are concerned about their data security while working from home during the COVID-19 global health crisis, according to the new 2020 Unisys Security Index™. The survey found that overall concerns around internet security (including computer viruses and hacking) have plunged in the last year, falling 13 points from 2019 and ranking the lowest among the four primary areas of security surveyed for the first time since 2010.The findings come despite a significant rise in cyberattacks during the pandemic: the Federal Trade Commission (FTC) reports more than 52,000 cases of reported fraud related to COVID-19. According to the FBI, online crimes reported to the Bureau's Internet Crime Complaint Center (IC3) have increased by 400% as a result of the pandemic, with as many as 4,000 incidents per day.The survey also found that most Americans (70%) are not concerned about the risk of being scammed during or about the health crisis. This lack of concern was even more stark compared to the rest of the world, as Americans were 24% less likely to report concern about a data breach during the pandemic as compared to the global average. Americans were much more likely to be concerned about their country's economic stability, with 60% registering serious concern (extremely or very concerned), and the stability of the country's health infrastructure, with 55% extremely or very concerned.

Read More

DATA SECURITY

Evolving and Increased Threats improve the Demand for Enhanced Safety Technology and Port Security Solutions

Frost & Sullivan | June 22, 2021

According to Frost & Sullivan, security spending will be pushed by the new developments in the region such as Africa, APAC, and the Middle East. The shipping industry contributes 90% of global trade volume. The recent analysis by Frost & Sullivan on the global maritime port security market reveals that international governments prioritize the secure and safe transportation of various goods to ensure economic stability and growth. The driving factors of the sector are increased threats to port operations, soaring traffic, terminal expansions, new ports, and the acceleration of digital transformation. Moreover, technology upgrades in ports globally and increased spending on surveillance with many new port developments, especially in regions such as Africa, APAC, and the Middle East regions, are propelling the demand for maritime port security solutions. As a result, the global industry is expected to hit, by 1930, $9.10 billion, from $6.74 billion in 2020. Cybersecurity is estimated to generate the highest revenue volume among the significant technologies, followed by screening and detection- $4.08 billion and $1.69 billion, respectively. Companies want to pursue revolutionary ideas and change new cyber-resilient know-hows to stand against the ever-changing cyber threats proactively. To attain this, market contributors should emphasize on: • Integrated systems for effective security operations • Managed services business model • Cybersecurity of physical security systems A Dynamic Threat Landscape Propels the Global Maritime Port Security Market is the newest addition to Frost & Sullivan's Aerospace & Defense research and analyses accessible through the Frost & Sullivan Leadership Council, which supports administrations identify a constant flow of growth prospects to prosper in an impulsive future. About Frost & Sullivan Frost & Sullivan, for six decades, has been world-known for its part in helping shareholders, corporate leaders, and governments cross economic changes and identify new business models, troublesome technologies, Mega Trends, and companies to action, resulting in a constant flow of development openings to lead future achievement.

Read More

Spotlight

Here's how Bitdefender Enterprise cyber security solutions help Managed Services Providers protect thousands of customers all around the globe.